Mcafee Endpoint Security — known CVE vulnerabilities
Every CVE whose affected-product data names Mcafee Endpoint Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (37)
CVE-2020-7265 — CVSS 8.8 (high): Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user…
CVE-2020-7319 — CVSS 8.8 (high): Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local…
CVE-2020-7264 — CVSS 8.8 (high): Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete…
CVE-2019-3582 — CVSS 8.6 (high): Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to…
CVE-2020-7257 — CVSS 8.4 (high): Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to…
CVE-2021-23882 — CVSS 8.2 (high): Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local…
CVE-2020-7250 — CVSS 8.2 (high): Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows…
CVE-2016-8010 — CVSS 7.8 (high): Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS)…
CVE-2020-7331 — CVSS 7.8 (high): Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a…
CVE-2019-3586 — CVSS 7.5 (high): Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows…
CVE-2020-7278 — CVSS 7.4 (high): Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for…
CVE-2021-23878 — CVSS 7.3 (high): Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February…
CVE-2021-31843 — CVSS 7.3 (high): Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local…
CVE-2020-7332 — CVSS 7.0 (high): Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020…
CVE-2020-7323 — CVSS 6.9 (medium): Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows…
CVE-2020-7277 — CVSS 6.8 (medium): Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local…
CVE-2020-7320 — CVSS 6.7 (medium): Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local…
CVE-2021-23880 — CVSS 6.7 (medium): Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows…
CVE-2020-7273 — CVSS 6.7 (medium): Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS)…
CVE-2020-7274 — CVSS 6.6 (medium): Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows…
CVE-2020-7259 — CVSS 6.6 (medium): Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local…
CVE-2020-7263 — CVSS 6.5 (medium): Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local…
CVE-2020-7276 — CVSS 6.4 (medium): Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update…
CVE-2020-7261 — CVSS 6.1 (medium): Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020…
CVE-2016-3984 — CVSS 5.1 (medium): The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392…
CVE-2017-4028 — CVSS 5.0 (medium): Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an…
CVE-2020-7251 — CVSS 5.0 (medium): Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update…
CVE-2021-31842 — CVSS 5.0 (medium): XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a…
CVE-2019-3652 — CVSS 5.0 (medium): Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get…
CVE-2021-23881 — CVSS 4.8 (medium): A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows…
CVE-2020-7308 — CVSS 4.8 (medium): Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and…
CVE-2020-7275 — CVSS 4.8 (medium): Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to…
CVE-2020-7333 — CVSS 4.8 (medium): Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update…
CVE-2020-7322 — CVSS 4.7 (medium): Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users…
CVE-2019-3653 — CVSS 4.6 (medium): Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows…
CVE-2021-23883 — CVSS 4.0 (medium): A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local…
CVE-2020-7255 — CVSS 3.9 (low): Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0…